Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c5404-5ea4-4776-8cec-aedbbf468028/1/QRS2Bflfe0xejiEg684RuZpiggU.roa
File: QRS2Bflfe0xejiEg684RuZpiggU.roa (raw, json)
Hash identifier: ijUirA5u+N/7OSoJT05LeNhpa516JmJ6KLpB2bdmFFk=
Subject key identifier: 41:14:B6:05:F9:5F:7B:4C:5E:8E:21:20:EB:CE:11:B9:9A:62:82:05
Certificate issuer: /CN=1ec0434a5c3cf2374ca360331926ae7d24ac345b
Certificate serial: 01856F6FEBE954415FAA4E2ED5E083E36CFF
Authority key identifier: 1E:C0:43:4A:5C:3C:F2:37:4C:A3:60:33:19:26:AE:7D:24:AC:34:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HsBDSlw88jdMo2AzGSaufSSsNFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/9c5404-5ea4-4776-8cec-aedbbf468028/1/QRS2Bflfe0xejiEg684RuZpiggU.roa
Signing time: Sun 01 Jan 2023 22:24:43 +0000
ROA not before: Sun 01 Jan 2023 22:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.201.20.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:eb:e9:54:41:5f:aa:4e:2e:d5:e0:83:e3:6c:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ec0434a5c3cf2374ca360331926ae7d24ac345b
Validity
Not Before: Jan 1 22:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4114b605f95f7b4c5e8e2120ebce11b99a628205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:35:75:2e:e4:ec:b7:12:c5:24:9a:8d:9d:3e:
17:34:f6:73:af:54:1c:c5:13:38:77:4f:61:6e:bc:
e9:80:56:11:1e:ce:da:e0:9e:3f:30:1d:3b:16:77:
23:a0:81:67:00:fa:b5:1c:0e:52:dc:44:53:7e:64:
30:47:65:72:6b:3a:c5:db:ea:91:5d:11:66:2f:a9:
6c:a2:ad:31:95:6a:23:ed:dd:5e:c4:ca:03:cc:51:
fc:56:f7:e1:e3:a1:84:23:3a:fc:b7:fd:22:46:74:
96:7e:13:ae:2f:0e:30:34:d8:89:99:f6:15:74:f5:
59:da:09:c3:4d:d6:8a:59:04:bf:c3:e0:e5:9a:2e:
d9:bf:30:9b:66:5e:5d:5e:05:c3:28:7c:01:95:35:
d3:03:02:91:4e:e0:82:0f:ca:73:d7:fe:c2:5f:11:
d1:21:0b:de:b2:6b:40:46:f9:87:64:58:c8:a0:83:
08:59:0d:d3:8a:8e:00:05:2d:4d:e1:76:25:b9:91:
24:a7:f4:85:93:19:d1:f0:26:6d:ae:cc:11:a4:9b:
ab:9d:5b:04:6c:3a:8c:83:6d:0d:ff:73:06:e7:db:
95:1c:9a:09:ac:5c:70:bd:e4:6b:58:db:f9:0d:85:
fb:83:b2:ed:9d:5b:77:2c:28:9c:ef:70:01:63:40:
36:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:14:B6:05:F9:5F:7B:4C:5E:8E:21:20:EB:CE:11:B9:9A:62:82:05
X509v3 Authority Key Identifier:
keyid:1E:C0:43:4A:5C:3C:F2:37:4C:A3:60:33:19:26:AE:7D:24:AC:34:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HsBDSlw88jdMo2AzGSaufSSsNFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c5404-5ea4-4776-8cec-aedbbf468028/1/QRS2Bflfe0xejiEg684RuZpiggU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c5404-5ea4-4776-8cec-aedbbf468028/1/HsBDSlw88jdMo2AzGSaufSSsNFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.20.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:23:6b:18:ac:9c:6c:67:30:5d:e1:60:83:e4:19:10:ac:ab:
46:17:1c:f6:93:3e:ae:2b:53:86:3c:17:ff:23:61:47:40:90:
19:f6:9b:d1:c0:61:7c:cd:16:07:d8:23:1d:38:86:11:0a:d7:
7a:37:3d:d0:96:01:ac:49:cc:41:44:aa:6a:65:81:ed:c8:69:
18:3d:ca:3c:e2:ea:13:c6:77:42:8f:b1:03:c7:b0:ba:30:79:
8b:12:fc:05:71:36:1b:7c:ac:e6:c2:3c:8e:ef:7d:89:35:98:
c6:6e:14:df:51:f9:98:fa:bb:69:42:23:d1:c7:8d:26:5f:bb:
72:90:59:1c:98:53:e9:74:68:fd:e9:b8:53:dc:2b:0d:2b:04:
27:1f:65:91:b3:bf:27:7e:65:14:a2:61:b6:22:81:b4:62:8e:
43:38:c4:60:c1:37:16:22:2e:65:74:c7:a2:a2:3a:87:4c:f2:
ed:00:21:20:75:79:16:e3:81:f7:93:5a:72:c9:9d:d4:8f:6d:
47:62:d4:00:d5:83:42:c8:43:4b:f9:0d:0b:f5:4d:c7:55:cf:
d4:03:43:a2:af:13:3f:44:05:9e:f1:66:14:bf:91:73:61:b2:
e4:cd:58:cc:7b:5f:98:93:d4:4e:e2:52:8a:8a:d8:ed:f7:a1:
5e:01:c7:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvb+vpVEFfqk4u1eCD42z/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYzA0MzRhNWMzY2YyMzc0Y2EzNjAzMzE5MjZhZTdkMjRh
YzM0NWIwHhcNMjMwMTAxMjIyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTE0YjYwNWY5NWY3YjRjNWU4ZTIxMjBlYmNlMTFiOTlhNjI4MjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjV1LuTstxLFJJqNnT4XNPZzr1Qc
xRM4d09hbrzpgFYRHs7a4J4/MB07FncjoIFnAPq1HA5S3ERTfmQwR2VyazrF2+qR
XRFmL6lsoq0xlWoj7d1exMoDzFH8Vvfh46GEIzr8t/0iRnSWfhOuLw4wNNiJmfYV
dPVZ2gnDTdaKWQS/w+Dlmi7ZvzCbZl5dXgXDKHwBlTXTAwKRTuCCD8pz1/7CXxHR
IQvesmtARvmHZFjIoIMIWQ3Tio4ABS1N4XYluZEkp/SFkxnR8CZtrswRpJurnVsE
bDqMg20N/3MG59uVHJoJrFxwveRrWNv5DYX7g7LtnVt3LCic73ABY0A2IQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEEUtgX5X3tMXo4hIOvOEbmaYoIFMB8GA1UdIwQY
MBaAFB7AQ0pcPPI3TKNgMxkmrn0krDRbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHNCRFNsdzg4amRNbzJBekdTYXVmU1NzTkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85YzU0MDQtNWVhNC00Nzc2LThjZWMt
YWVkYmJmNDY4MDI4LzEvUVJTMkJmbGZlMHhlamlFZzY4NFJ1WnBpZ2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85YzU0MDQtNWVhNC00Nzc2LThjZWMtYWVkYmJmNDY4MDI4
LzEvSHNCRFNsdzg4amRNbzJBekdTYXVmU1NzTkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuckUMA0G
CSqGSIb3DQEBCwUAA4IBAQANI2sYrJxsZzBd4WCD5BkQrKtGFxz2kz6uK1OGPBf/
I2FHQJAZ9pvRwGF8zRYH2CMdOIYRCtd6Nz3QlgGsScxBRKpqZYHtyGkYPco84uoT
xndCj7EDx7C6MHmLEvwFcTYbfKzmwjyO732JNZjGbhTfUfmY+rtpQiPRx40mX7ty
kFkcmFPpdGj96bhT3CsNKwQnH2WRs78nfmUUomG2IoG0Yo5DOMRgwTcWIi5ldMei
ojqHTPLtACEgdXkW44H3k1pyyZ3Uj21HYtQA1YNCyENL+Q0L9U3HVc/UA0OirxM/
RAWe8WYUv5FzYbLkzVjMe1+Yk9RO4lKKitjt96FeAcd+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:13 2025 by rpki-client